package com.socialnetwork.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.socialnetwork.model.UserJB;
import com.socialnetwork.util.UtilFormat;
import com.socialnetwork.util.UtilFunction;
import com.socialnetwork.util.UtilString;

/**
 * Servlet Filter implementation class SecurityFilter
 * 
 */
@WebFilter(filterName="securityFilter", urlPatterns={ "/*" })
public class SecurityFilter implements Filter {
	
    /**
     * Default constructor. 
     */
    public SecurityFilter() {
    }

    /**
	 * @see Filter#init(FilterConfig)
	 */
	public void init(FilterConfig fConfig) throws ServletException {
	}
	
	/**
	 * @see Filter#destroy()
	 */
	public void destroy() {
	}

	/**
	 * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
	 */
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
		
		HttpServletRequest req = (HttpServletRequest) request;
		HttpServletResponse res = (HttpServletResponse) response;
		HttpSession session = req.getSession(true);
		UserJB user = (UserJB) session.getAttribute(UtilString.USER_JB);	
		
		String uri = req.getRequestURI();
		String url = req.getRequestURL().toString();
		String queryParameters = req.getQueryString();		
		
		System.out.println("\nINIT - SecurityFilter");
		System.out.println("SecurityFilter - url = " + UtilFormat.formatUrlPath(url, queryParameters));
		
		//verify url no restricted >> redirect for "/home.jsp"
		if(user != null && !checkUrlRestricted(uri)){
			res.sendRedirect("/home.jsp");
			System.out.println("END - SecurityFilter");
			return;
		}
				
		//if user is null, then verify url and redirect for login
		if(user == null && !checkUriDefault(uri)){
			
			if(checkUrlRestricted(uri)){				
				String urlRedirect = UtilFormat.formatUrlPath(url, queryParameters);
				session.setAttribute(UtilString.URL_REDIRECT, urlRedirect);
			}			
			res.sendRedirect("/login.jsp");			
			
			System.out.println("END - SecurityFilter");
			return;
		}
		
		chain.doFilter(request, response);
		
		System.out.println("END - SecurityFilter");
		
	}

	private boolean checkUriDefault(String uri){
		String[] arrayUri = {"/LoginController.action", "/login.jsp", "/login_error.jsp"};
		return UtilFunction.containsStringArray(uri, arrayUri);
	}
	
	private boolean checkUrlRestricted(String uri){
		String[] arrayUrl = {"/", "/index.jsp", "/login.jsp", "/LoginControler.action", "/login_error.jsp"};
		return UtilFunction.containsStringArray(uri, arrayUrl);		
	}
	

}
